lets say /opt/SunWzztop/bin is not first on your path, and for some reason a directory in your path was writable by some malicious user - if they put a top in there, then all of a sudden when you type in top, expecting to get /opt/SunWzztop/bin/top, you get another top instead. And this top does funky stuff like rm -rf / whoops.
-----Original Message----- From: Joe Sloan [mailto:[EMAIL PROTECTED] Sent: Thursday, 20 December 2007 5:30 p.m. To: [email protected] Subject: Re: [opensuse] Beagle under 10.3 is really eating up my CPU --snip-- >> - but I expect to spend time fixing things up to make those OSes > > Hat to say it, but no, you were possibly introducing > security holes into those systems. Very few apps in > /opt or /usr/local are ever tested for safety under > root's UID. Examples, please? What would be the security advantage of typing "/opt/SunWzztop/bin/top" every time, instead of "top", with /opt/SunWzztop/bin in the path? Joe -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] -- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
